Use Of Insufficiently Random Values
Magento LTS is vulnerable to Use of Insufficiently Random Values. The vulnerability is caused by not generating sufficient length protectcode value as part of guest order cookie - guest-view and not implementing a rate limiting in the end point e.g: /magento19/index.php/default/sales/guest/view/...